Using configuration files

The default locations for each component’s configuration files are:

• Server—/opt/wakari/wakari-server/etc/wakari/config.json.

• Gateway—/opt/wakari/wakari-gateway/etc/wakari/config.json.

• Compute—/opt/wakari/wakari-compute/etc/wakari/config.json.

Additionally, service-specific configuration files may also be present in the following locations:

• Server—/opt/wakari/wakari-server/etc/wakari/wk-server-config.json.

• Gateway—/opt/wakari/wakari-gateway/etc/wakari/wk-gateway-config.json.

• Compute—/opt/wakari/wakari-compute/etc/wakari/wk-compute-config.json.

Each service loads each of the configuration files in the following order and updates the AEN configuration at each step:

1. /etc/wakari/config.json.

2. /etc/wakari/wk-gateway-config.json.

3. /opt/wakari/wakari-SERVICE/etc/wakari/config.json.

4. /opt/wakari/wakari-SERVICE/etc/wakari/wk-SERVICE-config.json.

5. ./config.json.

6. ./wk-gateway-config.json.

AEN configuration keys

The following is a list of AEN supported configuration keys:

Server Configuration Keys

Key	Default	Description
CDN	$WAKARI_SERVER/static/	The location of static assets.
MONGO_DB	wakari	The name of the AEN database in mongodb.
MONGO_URL	mongodb://localhost/	The URL of your AEN server’s mongodb instance. Format: mongodb://<username>:<password>@<host>:<port>/
WAKARI_SERVER		The URL of this AEN server.
DEFAULT_PRIVACY	public	The default project privacy setting—can be either public or private.
SESSION_COOKIE_NAME	wakari. enterprise.session	The Cookie name used to maintain Anaconda Enterprise Notebooks Enterprise login sessions.
SESSION_COOKIE_SECURE	false	This key is automatically set to true when SSL is enabled. It will default to false when SSL is not enabled. Manually changing this value may cause the system to malfunction if it’s not configured properly.
PERMANENT_SESSION	True`	Sets cookie session to permanent. This will keep the session open after the browser is closed. The session will still expire after the number of minutes set in the SESSION_LIFETIME key.
SESSION_LIFETIME	120	Time in minutes until the session expires. The counter resets with each request.
USE_SES	false	Sets whether AEN will use Amazon SES to send emails.
SMTP		Sets the SMTP email settings.
- host		A SMTP subkey—the SMTP mail server hostname.
- user		SMTP subkey—the username for SMTP server authentication.
- password		SMTP subkey—the password for SMTP server authentication.
- from_addr		SMTP subkey—the From address for emails sent through SMTP.
verify_gateway _certificate	true	A boolean setting that indicates whether your AEN server should verify the gateway SSL certificate.
accounts	wk_server.plugins .accounts.cloud	The account provider class. For LDAP, this should be set to wk_server.plugins.accounts.ldap_accounts.
uniqueEmail	true	A boolean setting that indicates whether unique user email addresses are required. See note below about updating the database when setting uniqueEmail.
has_internet	true	Boolean for retrieving the avatar from the gravatar URL. If false a local default is used instead.
LDAP	389	LDAP configurations.
- SERVER		LDAP subkey—A list of LDAP servers. At least one server name must be listed. The primary server should be listed first. All secondary or fail-over servers should be listed after the primary.
- PORT	389	LDAP subkey—The LDAP port on the LDAP server.
- AUTH_TYPE		LDAP subkey—LDAP Authentication types. simple—no encryption not secure.``TLS``–encrypted secure requires the TLS_CERT to be set.
- TLS_CERT		LDAP subkey—the full path to the TLS certificate file. The certificate file must also be provided by the Enterprise.
- BASEDN		LDAP subkey—the LDAP Base DN value.
- OU		LDAP subkey—a list of Organizational Units. Some Enterprises group users by OUs in their LDAP server records. AEN will loop over the list of OUs when authenticating a user. The OU value is a list of lists to support multiple OUs where each OU is a single name or a hierarchy of names.
ANON_USER	anonymous	Username—such as public or anonymous– assigned users who are not logged in to access projects. To disable public access use the special value disabled. For more information, see Configuring sudo customizations.
SEARCH_ENABLED	true	Boolean indicating whether ElasticSearch is enabled
SEARCH_SERVER	'localhost:9200'	IP address or domain name and port of ElasticSearch server
LOG_LEVEL	'DEBUG'	Log verbosity. One of: ‘ERROR’ ‘WARN’ ‘INFO’ ‘DEBUG’

NOTE: If you set uniqueEmail to false, you must drop the existing index in the database. EXAMPLE: If the index name is email_1, run db.users.dropIndex("email_1").

Gateway Configuration Keys

Key	Default	Description
WAKARI_SERVER		The URL of the AEN WAKARI_SERVER.
port	8089	The Port number used by the gateway application. Must be a non-privileged port (>= 1024).
client_id		The client ID assigned to this gateway by the server during wk-gateway-configure.
client_secret		The Client secret assigned to this gateway by the server during wk-gateway-configure.
httpTimeout	600	Timeout in seconds. The default is 10 minutes to allow project creation.
logLevel	info	Log verbosity. One of: ‘error’ ‘warn’ ‘info’ ‘debug’.
https		Enable SSL encryption. For more information, see Configuring SSL.
- key		A https subkey–Path to gateway key.
- cert		A https subkey–Path to gateway cert.
- ca		A https subkey–Required if cert was signed by a private root CA or signed by an intermediate authority. It must contain separate values for the paths to the CA root, any intermediates and the certificate for the Server.
- passhphrase		A https subkey–Passphrase required to decrypt SSL certs.

Compute Node Configuration Keys

Key	Default	Description
WAKARI_SERVER		The URL of the AEN WAKARI_SERVER.
MANAGE_ACCOUNTS	true	A boolean setting that indicates whether AEN should manage system user accounts. Set to false for LDAP installations.
identicalGID	false	To make the AEN compute service create groups with the same uid. Set to true If the /projects folder resides on an NFSv3 volume. For more information, see Group and user permissions for NFS.
port	2227	The port number used by the compute-launcher application. Note that individual applications use dynamic ports.
projectRoot	/projects	The location of project file storage.
logLevel	info	Log verbosity. One of: ‘error’ ‘warn’ ‘info’ ‘debug’
logMaxSize	10000000	Max size in bytes of the logfile. Default is 10 MB. If the size is exceeded then a new file is created and a counter will become a suffix of the log file.
logMaxFiles	30	Limit the number of files created when the size of the logfile is exceeded
appIdleTime	172800000 (48 hours)	The amount of idle time before applications will be auto-terminated (in msec).
idleCheckInterval	3600000 (1 hour)	The frequency of idle checks.
numericUsernames	false	A boolean setting that indicates whether numeric usernames are permitted.
httpTimeout	600	The time before a timeout—in seconds. The default is 10 minutes—600 seconds—to allow time for project creation.
ANON_USER	anonymous	Username such as public or anonymous for users who are not logged in to access projects. To disable public access use the special value disabled. For more information, see Configuring sudo customizations.
projDirsAsHome	false	A boolean setting. When false AEN apps use /home/<username> as HOME. When true AEN apps use /projects/<username> as HOME.
emptyDefaultChannels	true	A boolean setting. When true AEN sets default_channels to be an empty list on the project’s .condarc preventing the search of packages from the free channel. If you set this option as false, and if you already started a project with this setting as true, you will need to modify the existing project’s .condarc and remove the default_channels: [] line.

Server Internal Configuration Keys - Do not change

Key	Default	Description
PROVIDERS	["wk_server.plugins .providers.enterprise"]	A list of compute provider classes.
MONGO_ACTION _LOG_SIZE	262144000	The size of the Mongo action log in bytes.
SITE_ADMINS		A list of site administrator email addresses—used for crash notifications and LDAP password reset requests.
FROM _EMAIL_ADDR		The From address for notification emails sent by AEN.
uniqueUserName	true	A boolean setting that indicates whether unique usernames are required.

Gateway Internal Configuration Keys - Do not change

Key	Default	Description
CDN	$WAKARI_SERVER/static/	The location of static assets.
SUBDOMAIN_ROUTING	false	A boolean that indicates whether subdomains are being used.
refreshTokenExpiration	600000	Idle time in milliseconds before the Gateway session expires.

Compute Node Internal Configuration Keys - Do not change

Key	Default	Description
CDN	$WAKARI_SERVER/static/	The location of static assets.
USE_SES	false	Sets whether AEN will use Amazon SES to send emails.
multiUser	true	A boolean that indicates whether multi-user support is enabled.
multiProject	true	A boolean that indicates whether multi-project support is enabled.
ANACONDA_ROOT	/opt/wakari/anaconda	The location of your Anaconda installation.
appLogs	/opt/wakari/wakari- compute/var/log/wakari/ compute-launcher-apps	The directory where application logs are stored.
appPIDs	/opt/wakari/wakari-compute/ var/run/compute-launcher-apps	The directory where application PID files are stored.
applicationLog	/opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.application.log	The path to the compute launcher log.
accessLog	opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.access.log	Path to compute launcher access log

Checking configuration file syntax

To verify that the configuration file contains valid JSON, run:

root@server  # python -m json.tool /opt/wakari/wakari-server/etc/wakari/*.json
root@gateway # python -m json.tool /opt/wakari/wakari-gateway/etc/wakari/*.json
root@compute # python -m json.tool /opt/wakari/wakari-compute/etc/wakari/*.json

If the file is correct, the contents are displayed.

If there is a syntax error in the file, a “No JSON object could be decoded” message is displayed instead.

To fix any errors, edit the configuration file and verify that it contains the correct JSON syntax.